A web application firewall inspects requests and filters those that are deemed malicious. In comparison, Client Reputation focuses on the source of the request, and determines the extent to which that source has sent malicious requests in the past. Register today for this upcoming webcast to find out more!

SC Magazine's SC Congress returns to London on 3 March, 2015 with an all new programme! Here is your chance to catch a full day of hard-hitting information security news and solutions from leaders in their industries that you can implement for your company.

As employees increasingly have mobile access to the corporate network this webcast will discuss the steps organisations can take to minimise risk among their workforce and detail what a mobile device management policy should look like and how to enforce it. Register today for this SC editorial webcast!

ISPs prepare for second phase of data retention directive

The second phase of the data retention directive will begin on Monday.

The first phase of the directive required telecommunications companies to retain fixed and mobile communications data. The second phase includes internet-related communication data, such as broadband access, internet telephony and email event data, to be retained in case it is required by law enforcement and other public authorities.

Neil Cook, head of technology services EMEA at Cloudmark, said: “Quite clearly, this new legislation opens up a whole can of worms for the ISPs when it comes to potential security implications. Considering the sheer volume of high profile security breaches hitting the headlines in the UK, the protection and storage of data is of paramount importance to an organisation.

“There is a plethora of questions that need to be considered with the introduction of this regulation, such as who has access to the data? Is that data logged? How is the data logged? What guarantees are there that data will not be retained past the 12 months? All this must be taken into consideration before any concrete strategies on the storage of this data are implemented.”

Carmen Carey, CEO of CopperEye, comments: “Communications data is a key piece of the puzzle used for investigations of serious crimes and threats to national security. It is essential that vital data is securely retained. Providers should consider that existing systems may not have the capability to comply with new legislative requirements.

“Unlike telecommunications companies that usually have extensive data management capabilities, many internet service providers are relatively small in comparison and are not able to manage the volumes of data that this directive demands.

“Therefore, they must implement a data management solution that is appropriate to their size and needs and leverage the most appropriate technology to satisfy the European Union Data Retention Directive requirements.”

SC Magazine arms information security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies.